mpp-service-discovery

Warn

Audited by Snyk on Jun 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). The REQUIRED workflow explicitly performs runtime web fetches of outsider-authored free text—e.g., it fetches https://paymentauth.org/draft-payment-discovery-00.html, https://mpp.dev/overview, and web-search results (“implementation examples”, “directory listing requirements”)—which the agent would ingest as readable page text into the LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.70). The skill instructs agents to fetch external llms.txt files referenced in x-service-info (e.g., https://api.example.com/llms.txt), which are retrieved at runtime and used to describe/drive LLM agent behavior, so the fetched content can directly control agent prompts.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 29, 2026, 02:51 PM
Issues
2
Security Audit — snyk — mpp-service-discovery